From 2866f6fc23d1dc263316355a9e388284be052e15 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Mon, 16 Jun 2014 17:55:03 +0100
Subject: [PATCH 01/15] KEYCLOAK-526 Fix iframe origin when auth server url is
 relative

---
 integration/js/src/main/resources/keycloak.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/integration/js/src/main/resources/keycloak.js b/integration/js/src/main/resources/keycloak.js
index ef3af4082e..f826f39b3f 100755
--- a/integration/js/src/main/resources/keycloak.js
+++ b/integration/js/src/main/resources/keycloak.js
@@ -531,7 +531,11 @@ var Keycloak = function (config) {
 
         iframe.onload = function() {
             var realmUrl = getRealmUrl();
-            loginIframe.iframeOrigin = realmUrl.substring(0, realmUrl.indexOf('/', 8));
+            if (realmUrl.charAt(0) === '/') {
+                loginIframe.iframeOrigin = window.location.origin;
+            } else {
+                loginIframe.iframeOrigin = realmUrl.substring(0, realmUrl.indexOf('/', 8));
+            }
             loginIframe.iframe = iframe;
         }
 

From d15324110e3921fba5da6e92cb0809d9a98c3274 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 17 Jun 2014 11:04:27 +0100
Subject: [PATCH 02/15] Disable cache provider for beta-3 release

---
 .../auth-server/src/main/webapp/WEB-INF/keycloak-server.json    | 2 +-
 server/src/main/resources/META-INF/keycloak-server.json         | 2 +-
 .../src/main/resources/META-INF/keycloak-server.json            | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/project-integrations/aerogear-ups/auth-server/src/main/webapp/WEB-INF/keycloak-server.json b/project-integrations/aerogear-ups/auth-server/src/main/webapp/WEB-INF/keycloak-server.json
index e321f7f013..e0dd897175 100755
--- a/project-integrations/aerogear-ups/auth-server/src/main/webapp/WEB-INF/keycloak-server.json
+++ b/project-integrations/aerogear-ups/auth-server/src/main/webapp/WEB-INF/keycloak-server.json
@@ -8,7 +8,7 @@
     },
 
     "modelCache": {
-        "provider": "${keycloak.model.cache.provider:simple}"
+        "provider": "${keycloak.model.cache.provider:none}"
     },
 
     "timer": {
diff --git a/server/src/main/resources/META-INF/keycloak-server.json b/server/src/main/resources/META-INF/keycloak-server.json
index 23752151a0..fb726ca500 100755
--- a/server/src/main/resources/META-INF/keycloak-server.json
+++ b/server/src/main/resources/META-INF/keycloak-server.json
@@ -15,7 +15,7 @@
     },
 
     "modelCache": {
-        "provider": "${keycloak.model.cache.provider:simple}"
+        "provider": "${keycloak.model.cache.provider:none}"
     },
 
     "timer": {
diff --git a/testsuite/integration/src/main/resources/META-INF/keycloak-server.json b/testsuite/integration/src/main/resources/META-INF/keycloak-server.json
index a1e1ec17ff..65197a4cd9 100755
--- a/testsuite/integration/src/main/resources/META-INF/keycloak-server.json
+++ b/testsuite/integration/src/main/resources/META-INF/keycloak-server.json
@@ -24,7 +24,7 @@
     },
 
     "modelCache": {
-        "provider": "${keycloak.model.cache.provider:simple}"
+        "provider": "${keycloak.model.cache.provider:none}"
     },
 
     "timer": {

From 896c32a6604912c71aa3901c1f2298945b2407b6 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 17 Jun 2014 11:21:36 +0100
Subject: [PATCH 03/15] KEYCLOAK-520

---
 .../theme/admin/base/resources/js/controllers/realm.js   | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/realm.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/realm.js
index fc10a08572..a18765fd35 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/realm.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/realm.js
@@ -615,7 +615,7 @@ module.controller('RealmSocialCtrl', function($scope, realm, Realm, serverInfo,
 
 });
 
-module.controller('RealmTokenDetailCtrl', function($scope, Realm, realm, $http, $location, Dialog, Notifications, TimeUnit) {
+module.controller('RealmTokenDetailCtrl', function($scope, Realm, realm, $http, $location, $route, Dialog, Notifications, TimeUnit) {
     console.log('RealmTokenDetailCtrl');
 
     $scope.realm = realm;
@@ -650,7 +650,6 @@ module.controller('RealmTokenDetailCtrl', function($scope, Realm, realm, $http,
         $scope.realm.accessCodeLifespanUserAction = TimeUnit.convert($scope.realm.accessCodeLifespanUserAction, from, to);
     });
 
-
     var oldCopy = angular.copy($scope.realm);
     $scope.changed = false;
 
@@ -674,16 +673,14 @@ module.controller('RealmTokenDetailCtrl', function($scope, Realm, realm, $http,
         realmCopy.accessCodeLifespan = TimeUnit.toSeconds($scope.realm.accessCodeLifespan, $scope.realm.accessCodeLifespanUnit)
         realmCopy.accessCodeLifespanUserAction = TimeUnit.toSeconds($scope.realm.accessCodeLifespanUserAction, $scope.realm.accessCodeLifespanUserActionUnit)
 
-        $scope.changed = false;
         Realm.update(realmCopy, function () {
-            $location.url("/realms/" + realm.realm + "/token-settings");
+            $route.reload();
             Notifications.success("The changes have been saved to the realm.");
         });
     };
 
     $scope.reset = function() {
-        $scope.realm = angular.copy(oldCopy);
-        $scope.changed = false;
+        $route.reload();
     };
 });
 

From 469d04425415264b484312af41e94113e6ee4cd4 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 17 Jun 2014 14:07:07 +0100
Subject: [PATCH 04/15] KEYCLOAK-532

---
 .../services/resources/admin/RealmsAdminResource.java      | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
index 9e888a04f0..7600c871af 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
@@ -21,6 +21,7 @@ import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.managers.TokenManager;
 import org.keycloak.services.resources.KeycloakApplication;
 import org.keycloak.services.resources.flows.Flows;
+import org.keycloak.util.JsonSerialization;
 
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
@@ -167,10 +168,8 @@ public class RealmsAdminResource {
         List<InputPart> inputParts = uploadForm.get("file");
 
         for (InputPart inputPart : inputParts) {
-            inputPart.setMediaType(MediaType.APPLICATION_JSON_TYPE);
-            RealmRepresentation rep = inputPart.getBody(new GenericType<RealmRepresentation>() {
-            });
-
+            // inputPart.getBody doesn't work as content-type is wrong, and inputPart.setMediaType is not supported on AS7 (RestEasy 2.3.2.Final)
+            RealmRepresentation rep = JsonSerialization.readValue(inputPart.getBodyAsString(), RealmRepresentation.class);
             RealmModel realm;
             try {
                 realm = realmManager.importRealm(rep);

From 6cabf3e57dc564a0c36372db4110d9167c1bd4ef Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 17 Jun 2014 14:11:31 +0100
Subject: [PATCH 05/15] KEYCLOAK-530

---
 .../main/resources/theme/admin/base/resources/js/services.js    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js
index 979199a1a8..b88c6b96af 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js
@@ -222,7 +222,7 @@ module.factory('UserLogout', function($resource) {
     });
 });
 module.factory('UserSocialLinks', function($resource) {
-    return $resource(authUrl + '/rest/admin/realms/:realm/users/:user/social-links', {
+    return $resource(authUrl + '/admin/realms/:realm/users/:user/social-links', {
         realm : '@realm',
         user : '@user'
     });

From 3b55248e6cf3e0d7ba6de94ce684ce67589ad7d0 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Tue, 17 Jun 2014 15:28:57 +0100
Subject: [PATCH 06/15] KEYCLOAK-533

---
 .../theme/admin/base/resources/index.html     |   1 +
 .../resources/js/controllers/applications.js  |  12 +-
 .../partials/application-installation.html    |   2 +-
 .../resources/lib/filesaver/FileSaver.js      | 241 ++++++++++++++++++
 4 files changed, 250 insertions(+), 6 deletions(-)
 create mode 100644 forms/common-themes/src/main/resources/theme/common/keycloak/resources/lib/filesaver/FileSaver.js

diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/index.html b/forms/common-themes/src/main/resources/theme/admin/base/resources/index.html
index 459751c066..006fe1c774 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/index.html
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/index.html
@@ -21,6 +21,7 @@
     <script src="lib/jquery/jquery.idletimeout.js" type="text/javascript"></script>
     <script src="lib/angular/select2.js" type="text/javascript"></script>
     <script src="lib/fileupload/angular-file-upload.min.js"></script>
+    <script src="lib/filesaver/FileSaver.js"></script>
 
     <script src="js/keycloak.js" type="text/javascript"></script>
     <script src="js/app.js" type="text/javascript"></script>
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js
index abcaefcfdc..2671891f99 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js
@@ -178,21 +178,23 @@ module.controller('ApplicationInstallationCtrl', function($scope, realm, applica
     $scope.changeFormat = function() {
         if ($scope.configFormat == "keycloak.json") {
             var url = ApplicationInstallation.url({ realm: $routeParams.realm, application: $routeParams.application });
-            var installation = $http.get(url).success(function(data) {
+            $http.get(url).success(function(data) {
                 var tmp = angular.fromJson(data);
                 $scope.installation = angular.toJson(tmp, true);
+                $scope.type = 'application/json';
             })
-            $scope.download = url;
         } else if ($scope.configFormat == "Wildfly/JBoss Subsystem XML") {
             var url = ApplicationInstallationJBoss.url({ realm: $routeParams.realm, application: $routeParams.application });
-            var installation = $http.get(url).success(function(data) {
+            $http.get(url).success(function(data) {
                 $scope.installation = data;
+                $scope.type = 'text/xml';
             })
-            $scope.download = url;
         }
-
     };
 
+    $scope.download = function() {
+        saveAs(new Blob([$scope.installation], { type: $scope.type }), 'keycloak.json');
+    }
 });
 
 module.controller('ApplicationDetailCtrl', function($scope, realm, application, Application, $location, Dialog, Notifications) {
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-installation.html b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-installation.html
index dd1400e72d..f3c00aeec1 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-installation.html
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-installation.html
@@ -43,7 +43,7 @@
         </form>
 
         <div class="pull-right form-actions" ng-show="installation">
-            <a class="btn btn-primary btn-lg" href="{{download}}" download="keycloak.json" type="submit">Download</a>
+            <a class="btn btn-primary btn-lg" data-ng-click="download()" type="submit">Download</a>
         </div>
     </div>
 </div>
diff --git a/forms/common-themes/src/main/resources/theme/common/keycloak/resources/lib/filesaver/FileSaver.js b/forms/common-themes/src/main/resources/theme/common/keycloak/resources/lib/filesaver/FileSaver.js
new file mode 100644
index 0000000000..6095017e94
--- /dev/null
+++ b/forms/common-themes/src/main/resources/theme/common/keycloak/resources/lib/filesaver/FileSaver.js
@@ -0,0 +1,241 @@
+/* FileSaver.js
+ *  A saveAs() FileSaver implementation.
+ *  2014-05-27
+ *
+ *  By Eli Grey, http://eligrey.com
+ *  License: X11/MIT
+ *    See https://github.com/eligrey/FileSaver.js/blob/master/LICENSE.md
+ */
+
+/*global self */
+/*jslint bitwise: true, indent: 4, laxbreak: true, laxcomma: true, smarttabs: true, plusplus: true */
+
+/*! @source http://purl.eligrey.com/github/FileSaver.js/blob/master/FileSaver.js */
+
+var saveAs = saveAs
+  // IE 10+ (native saveAs)
+  || (typeof navigator !== "undefined" &&
+      navigator.msSaveOrOpenBlob && navigator.msSaveOrOpenBlob.bind(navigator))
+  // Everyone else
+  || (function(view) {
+	"use strict";
+	// IE <10 is explicitly unsupported
+	if (typeof navigator !== "undefined" &&
+	    /MSIE [1-9]\./.test(navigator.userAgent)) {
+		return;
+	}
+	var
+		  doc = view.document
+		  // only get URL when necessary in case Blob.js hasn't overridden it yet
+		, get_URL = function() {
+			return view.URL || view.webkitURL || view;
+		}
+		, save_link = doc.createElementNS("http://www.w3.org/1999/xhtml", "a")
+		, can_use_save_link = !view.externalHost && "download" in save_link
+		, click = function(node) {
+			var event = doc.createEvent("MouseEvents");
+			event.initMouseEvent(
+				"click", true, false, view, 0, 0, 0, 0, 0
+				, false, false, false, false, 0, null
+			);
+			node.dispatchEvent(event);
+		}
+		, webkit_req_fs = view.webkitRequestFileSystem
+		, req_fs = view.requestFileSystem || webkit_req_fs || view.mozRequestFileSystem
+		, throw_outside = function(ex) {
+			(view.setImmediate || view.setTimeout)(function() {
+				throw ex;
+			}, 0);
+		}
+		, force_saveable_type = "application/octet-stream"
+		, fs_min_size = 0
+		, deletion_queue = []
+		, process_deletion_queue = function() {
+			var i = deletion_queue.length;
+			while (i--) {
+				var file = deletion_queue[i];
+				if (typeof file === "string") { // file is an object URL
+					get_URL().revokeObjectURL(file);
+				} else { // file is a File
+					file.remove();
+				}
+			}
+			deletion_queue.length = 0; // clear queue
+		}
+		, dispatch = function(filesaver, event_types, event) {
+			event_types = [].concat(event_types);
+			var i = event_types.length;
+			while (i--) {
+				var listener = filesaver["on" + event_types[i]];
+				if (typeof listener === "function") {
+					try {
+						listener.call(filesaver, event || filesaver);
+					} catch (ex) {
+						throw_outside(ex);
+					}
+				}
+			}
+		}
+		, FileSaver = function(blob, name) {
+			// First try a.download, then web filesystem, then object URLs
+			var
+				  filesaver = this
+				, type = blob.type
+				, blob_changed = false
+				, object_url
+				, target_view
+				, get_object_url = function() {
+					var object_url = get_URL().createObjectURL(blob);
+					deletion_queue.push(object_url);
+					return object_url;
+				}
+				, dispatch_all = function() {
+					dispatch(filesaver, "writestart progress write writeend".split(" "));
+				}
+				// on any filesys errors revert to saving with object URLs
+				, fs_error = function() {
+					// don't create more object URLs than needed
+					if (blob_changed || !object_url) {
+						object_url = get_object_url(blob);
+					}
+					if (target_view) {
+						target_view.location.href = object_url;
+					} else {
+						window.open(object_url, "_blank");
+					}
+					filesaver.readyState = filesaver.DONE;
+					dispatch_all();
+				}
+				, abortable = function(func) {
+					return function() {
+						if (filesaver.readyState !== filesaver.DONE) {
+							return func.apply(this, arguments);
+						}
+					};
+				}
+				, create_if_not_found = {create: true, exclusive: false}
+				, slice
+			;
+			filesaver.readyState = filesaver.INIT;
+			if (!name) {
+				name = "download";
+			}
+			if (can_use_save_link) {
+				object_url = get_object_url(blob);
+				save_link.href = object_url;
+				save_link.download = name;
+				click(save_link);
+				filesaver.readyState = filesaver.DONE;
+				dispatch_all();
+				return;
+			}
+			// Object and web filesystem URLs have a problem saving in Google Chrome when
+			// viewed in a tab, so I force save with application/octet-stream
+			// http://code.google.com/p/chromium/issues/detail?id=91158
+			if (view.chrome && type && type !== force_saveable_type) {
+				slice = blob.slice || blob.webkitSlice;
+				blob = slice.call(blob, 0, blob.size, force_saveable_type);
+				blob_changed = true;
+			}
+			// Since I can't be sure that the guessed media type will trigger a download
+			// in WebKit, I append .download to the filename.
+			// https://bugs.webkit.org/show_bug.cgi?id=65440
+			if (webkit_req_fs && name !== "download") {
+				name += ".download";
+			}
+			if (type === force_saveable_type || webkit_req_fs) {
+				target_view = view;
+			}
+			if (!req_fs) {
+				fs_error();
+				return;
+			}
+			fs_min_size += blob.size;
+			req_fs(view.TEMPORARY, fs_min_size, abortable(function(fs) {
+				fs.root.getDirectory("saved", create_if_not_found, abortable(function(dir) {
+					var save = function() {
+						dir.getFile(name, create_if_not_found, abortable(function(file) {
+							file.createWriter(abortable(function(writer) {
+								writer.onwriteend = function(event) {
+									target_view.location.href = file.toURL();
+									deletion_queue.push(file);
+									filesaver.readyState = filesaver.DONE;
+									dispatch(filesaver, "writeend", event);
+								};
+								writer.onerror = function() {
+									var error = writer.error;
+									if (error.code !== error.ABORT_ERR) {
+										fs_error();
+									}
+								};
+								"writestart progress write abort".split(" ").forEach(function(event) {
+									writer["on" + event] = filesaver["on" + event];
+								});
+								writer.write(blob);
+								filesaver.abort = function() {
+									writer.abort();
+									filesaver.readyState = filesaver.DONE;
+								};
+								filesaver.readyState = filesaver.WRITING;
+							}), fs_error);
+						}), fs_error);
+					};
+					dir.getFile(name, {create: false}, abortable(function(file) {
+						// delete file if it already exists
+						file.remove();
+						save();
+					}), abortable(function(ex) {
+						if (ex.code === ex.NOT_FOUND_ERR) {
+							save();
+						} else {
+							fs_error();
+						}
+					}));
+				}), fs_error);
+			}), fs_error);
+		}
+		, FS_proto = FileSaver.prototype
+		, saveAs = function(blob, name) {
+			return new FileSaver(blob, name);
+		}
+	;
+	FS_proto.abort = function() {
+		var filesaver = this;
+		filesaver.readyState = filesaver.DONE;
+		dispatch(filesaver, "abort");
+	};
+	FS_proto.readyState = FS_proto.INIT = 0;
+	FS_proto.WRITING = 1;
+	FS_proto.DONE = 2;
+
+	FS_proto.error =
+	FS_proto.onwritestart =
+	FS_proto.onprogress =
+	FS_proto.onwrite =
+	FS_proto.onabort =
+	FS_proto.onerror =
+	FS_proto.onwriteend =
+		null;
+
+	view.addEventListener("unload", process_deletion_queue, false);
+	saveAs.unload = function() {
+		process_deletion_queue();
+		view.removeEventListener("unload", process_deletion_queue, false);
+	};
+	return saveAs;
+}(
+	   typeof self !== "undefined" && self
+	|| typeof window !== "undefined" && window
+	|| this.content
+));
+// `self` is undefined in Firefox for Android content script context
+// while `this` is nsIContentFrameMessageManager
+// with an attribute `content` that corresponds to the window
+
+if (typeof module !== "undefined" && module !== null) {
+  module.exports = saveAs;
+} else if ((typeof define !== "undefined" && define !== null) && (define.amd != null)) {
+  define([], function() {
+    return saveAs;
+  });
+}

From f9cb99a1ee41f9d901906407616abedf0b1f737e Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Tue, 17 Jun 2014 16:57:01 +0200
Subject: [PATCH 07/15] KEYCLOAK-534 Fix MS-SQL

---
 .../audit/jpa/JpaAuditProviderFactory.java    |  3 ++-
 .../main/java/org/keycloak/util/JpaUtils.java | 22 +++++++++++++++++++
 .../models/jpa/JpaKeycloakSessionFactory.java | 17 ++------------
 .../models/jpa/entities/RoleEntity.java       | 19 +++++++++++++---
 .../models/jpa/entities/UserEntity.java       | 14 +++++++++++-
 5 files changed, 55 insertions(+), 20 deletions(-)
 create mode 100644 core/src/main/java/org/keycloak/util/JpaUtils.java

diff --git a/audit/jpa/src/main/java/org/keycloak/audit/jpa/JpaAuditProviderFactory.java b/audit/jpa/src/main/java/org/keycloak/audit/jpa/JpaAuditProviderFactory.java
index 58ff08eae4..546b5e949c 100644
--- a/audit/jpa/src/main/java/org/keycloak/audit/jpa/JpaAuditProviderFactory.java
+++ b/audit/jpa/src/main/java/org/keycloak/audit/jpa/JpaAuditProviderFactory.java
@@ -5,6 +5,7 @@ import org.keycloak.audit.AuditProvider;
 import org.keycloak.audit.AuditProviderFactory;
 import org.keycloak.audit.EventType;
 import org.keycloak.provider.ProviderSession;
+import org.keycloak.util.JpaUtils;
 
 import javax.persistence.EntityManagerFactory;
 import javax.persistence.Persistence;
@@ -28,7 +29,7 @@ public class JpaAuditProviderFactory implements AuditProviderFactory {
 
     @Override
     public void init(Config.Scope config) {
-        emf = Persistence.createEntityManagerFactory("jpa-keycloak-audit-store");
+        emf = Persistence.createEntityManagerFactory("jpa-keycloak-audit-store", JpaUtils.getHibernateProperties());
 
         String[] include = config.getArray("include-events");
         if (include != null) {
diff --git a/core/src/main/java/org/keycloak/util/JpaUtils.java b/core/src/main/java/org/keycloak/util/JpaUtils.java
new file mode 100644
index 0000000000..abb4efe3df
--- /dev/null
+++ b/core/src/main/java/org/keycloak/util/JpaUtils.java
@@ -0,0 +1,22 @@
+package org.keycloak.util;
+
+import java.util.Properties;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class JpaUtils {
+
+    // Allows to override some properties in persistence.xml by system properties
+    public static Properties getHibernateProperties() {
+        Properties result = new Properties();
+
+        for (Object property : System.getProperties().keySet()) {
+            if (property.toString().startsWith("hibernate.")) {
+                String propValue = System.getProperty(property.toString());
+                result.put(property, propValue);
+            }
+        }
+        return result;
+    }
+}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaKeycloakSessionFactory.java b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaKeycloakSessionFactory.java
index 6efe710f92..2865957841 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaKeycloakSessionFactory.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaKeycloakSessionFactory.java
@@ -4,6 +4,7 @@ import org.keycloak.Config;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.provider.ProviderSession;
+import org.keycloak.util.JpaUtils;
 
 import javax.persistence.EntityManagerFactory;
 import javax.persistence.Persistence;
@@ -19,7 +20,7 @@ public class JpaKeycloakSessionFactory implements KeycloakSessionFactory {
 
     @Override
     public void init(Config.Scope config) {
-        emf = Persistence.createEntityManagerFactory("jpa-keycloak-identity-store", getHibernateProperties());
+        emf = Persistence.createEntityManagerFactory("jpa-keycloak-identity-store", JpaUtils.getHibernateProperties());
     }
 
     @Override
@@ -36,18 +37,4 @@ public class JpaKeycloakSessionFactory implements KeycloakSessionFactory {
     public void close() {
         emf.close();
     }
-
-    // Allows to override some properties in persistence.xml by system properties
-    protected Properties getHibernateProperties() {
-        Properties result = new Properties();
-
-        for (Object property : System.getProperties().keySet()) {
-            if (property.toString().startsWith("hibernate.")) {
-                String propValue = System.getProperty(property.toString());
-                result.put(property, propValue);
-            }
-        }
-        return result;
-    }
-
 }
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java
index c6f3eb1b63..5be5fed2e5 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java
@@ -26,9 +26,7 @@ import org.hibernate.annotations.GenericGenerator;
  */
 @Entity
 @Table(uniqueConstraints = {
-        @UniqueConstraint(columnNames = { "name", "application"}),
-        @UniqueConstraint(columnNames = { "name", "realm" })
-
+        @UniqueConstraint(columnNames = { "name", "appRealmConstraint" })
 })
 @NamedQueries({
         @NamedQuery(name="getAppRoleByName", query="select role from RoleEntity role where role.name = :name and role.application = :application"),
@@ -57,6 +55,9 @@ public class RoleEntity {
     @JoinColumn(name = "application")
     private ApplicationEntity application;
 
+    // Hack to ensure that either name+application or name+realm are unique. Needed due to MS-SQL as it don't allow multiple NULL values in the column, which is part of constraint
+    private String appRealmConstraint;
+
     @ManyToMany(fetch = FetchType.LAZY, cascade = {})
     @JoinTable(name = "CompositeRole", joinColumns = @JoinColumn(name = "composite"), inverseJoinColumns = @JoinColumn(name = "role"))
     private Collection<RoleEntity> compositeRoles = new ArrayList<RoleEntity>();
@@ -115,6 +116,7 @@ public class RoleEntity {
 
     public void setRealm(RealmEntity realm) {
         this.realm = realm;
+        this.appRealmConstraint = realm.getId();
     }
 
     public ApplicationEntity getApplication() {
@@ -123,6 +125,17 @@ public class RoleEntity {
 
     public void setApplication(ApplicationEntity application) {
         this.application = application;
+        if (application != null) {
+            this.appRealmConstraint = application.getId();
+        }
+    }
+
+    public String getAppRealmConstraint() {
+        return appRealmConstraint;
+    }
+
+    public void setAppRealmConstraint(String appRealmConstraint) {
+        this.appRealmConstraint = appRealmConstraint;
     }
 
     @Override
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserEntity.java
index d8739017d8..3b765b4443 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/UserEntity.java
@@ -2,6 +2,7 @@ package org.keycloak.models.jpa.entities;
 
 import org.hibernate.annotations.GenericGenerator;
 import org.keycloak.models.UserModel;
+import org.keycloak.models.utils.KeycloakModelUtils;
 
 import javax.persistence.CascadeType;
 import javax.persistence.CollectionTable;
@@ -42,7 +43,7 @@ import java.util.Set;
 @Entity
 @Table(uniqueConstraints = {
         @UniqueConstraint(columnNames = { "realm", "loginName" }),
-        @UniqueConstraint(columnNames = { "realm", "email" })
+        @UniqueConstraint(columnNames = { "realm", "emailConstraint" })
 })
 public class UserEntity {
     @Id
@@ -57,6 +58,8 @@ public class UserEntity {
     protected boolean emailVerified;
     protected int notBefore;
 
+    // Hack just to workaround the fact that on MS-SQL you can't have unique constraint with multiple NULL values TODO: Find better solution (like unique index with 'where' but that's proprietary)
+    protected String emailConstraint = KeycloakModelUtils.generateId();
 
     @ManyToOne(fetch = FetchType.LAZY)
     @JoinColumn(name = "realm")
@@ -116,6 +119,7 @@ public class UserEntity {
 
     public void setEmail(String email) {
         this.email = email;
+        this.emailConstraint = email != null ? email : KeycloakModelUtils.generateId();
     }
 
     public boolean isEnabled() {
@@ -126,6 +130,14 @@ public class UserEntity {
         this.enabled = enabled;
     }
 
+    public String getEmailConstraint() {
+        return emailConstraint;
+    }
+
+    public void setEmailConstraint(String emailConstraint) {
+        this.emailConstraint = emailConstraint;
+    }
+
     public boolean isTotp() {
         return totp;
     }

From 2fd7fdaa7454a362d01a709670d6ac170753fadf Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Wed, 18 Jun 2014 10:29:57 +0200
Subject: [PATCH 08/15] KEYCLOAK-535 Fix Keycloak with Oracle

---
 .../models/jpa/entities/AuthenticationProviderEntity.java  | 7 ++++++-
 .../jpa/entities/ClientUserSessionAssociationEntity.java   | 2 ++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationProviderEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationProviderEntity.java
index 8517ad28a3..2ce4c127a5 100644
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationProviderEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AuthenticationProviderEntity.java
@@ -8,7 +8,9 @@ import javax.persistence.ElementCollection;
 import javax.persistence.Entity;
 import javax.persistence.GeneratedValue;
 import javax.persistence.Id;
+import javax.persistence.JoinColumn;
 import javax.persistence.MapKeyColumn;
+import javax.persistence.Table;
 
 import org.hibernate.annotations.GenericGenerator;
 
@@ -16,6 +18,7 @@ import org.hibernate.annotations.GenericGenerator;
  * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
  */
 @Entity
+@Table(name="AuthProviderEntity")
 public class AuthenticationProviderEntity {
 
     @Id
@@ -30,7 +33,9 @@ public class AuthenticationProviderEntity {
     @ElementCollection
     @MapKeyColumn(name="name")
     @Column(name="value")
-    @CollectionTable
+    @CollectionTable(name="AuthProviderEntity_cfg", joinColumns = {
+            @JoinColumn(name = "AuthProviderEntity_id")
+    })
     private Map<String, String> config;
 
     public String getId() {
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ClientUserSessionAssociationEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ClientUserSessionAssociationEntity.java
index 0cf75aa051..490e75d7c2 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ClientUserSessionAssociationEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ClientUserSessionAssociationEntity.java
@@ -9,12 +9,14 @@ import javax.persistence.Id;
 import javax.persistence.ManyToOne;
 import javax.persistence.NamedQueries;
 import javax.persistence.NamedQuery;
+import javax.persistence.Table;
 
 /**
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
 @Entity
+@Table(name = "ClientUserSessionAscEntity")
 @NamedQueries({
         @NamedQuery(name = "getAllClientUserSessions", query = "select s from ClientUserSessionAssociationEntity s"),
         @NamedQuery(name = "getClientUserSessionBySession", query = "select s from ClientUserSessionAssociationEntity s where s.session = :session"),

From 5d8c803da6fa15683961f1f08e25ab36fee34603 Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Wed, 18 Jun 2014 10:31:36 +0200
Subject: [PATCH 09/15] Remove duplicite dependency declarations to remove
 maven warnings

---
 examples/demo-template/product-app/pom.xml |  5 -----
 server/pom.xml                             | 17 -----------------
 services/pom.xml                           |  6 ------
 3 files changed, 28 deletions(-)

diff --git a/examples/demo-template/product-app/pom.xml b/examples/demo-template/product-app/pom.xml
index b8c65c1569..21e9cf0ab1 100755
--- a/examples/demo-template/product-app/pom.xml
+++ b/examples/demo-template/product-app/pom.xml
@@ -23,11 +23,6 @@
     </repositories>
 
     <dependencies>
-        <dependency>
-            <groupId>org.jboss.spec.javax.servlet</groupId>
-            <artifactId>jboss-servlet-api_3.0_spec</artifactId>
-            <scope>provided</scope>
-        </dependency>
         <dependency>
             <groupId>org.jboss.spec.javax.servlet</groupId>
             <artifactId>jboss-servlet-api_3.0_spec</artifactId>
diff --git a/server/pom.xml b/server/pom.xml
index 9185e34a3b..ac9c0ff762 100755
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -260,23 +260,6 @@
             <groupId>org.mongodb</groupId>
             <artifactId>mongo-java-driver</artifactId>
         </dependency>
-        <dependency>
-            <groupId>org.picketlink</groupId>
-            <artifactId>picketlink-common</artifactId>
-        </dependency>
-
-        <dependency>
-            <groupId>org.picketlink</groupId>
-            <artifactId>picketlink-idm-api</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.picketlink</groupId>
-            <artifactId>picketlink-idm-impl</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.picketlink</groupId>
-            <artifactId>picketlink-idm-simple-schema</artifactId>
-        </dependency>
 
         <!-- export/import -->
         <dependency>
diff --git a/services/pom.xml b/services/pom.xml
index 9d9a564f2e..4fad80a0ab 100755
--- a/services/pom.xml
+++ b/services/pom.xml
@@ -97,12 +97,6 @@
             <version>${project.version}</version>
             <scope>provided</scope>
         </dependency>
-        <dependency>
-            <groupId>org.keycloak</groupId>
-            <artifactId>keycloak-authentication-api</artifactId>
-            <version>${project.version}</version>
-            <scope>provided</scope>
-        </dependency>
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-export-import-api</artifactId>

From 28adc28a561efe8df06de39389742776b94f7be8 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Wed, 18 Jun 2014 09:59:23 +0100
Subject: [PATCH 10/15] Add instructions to configure a reverse proxy with KC

---
 .../en/en-US/modules/server-installation.xml  | 291 ++++++++++--------
 1 file changed, 160 insertions(+), 131 deletions(-)

diff --git a/docbook/reference/en/en-US/modules/server-installation.xml b/docbook/reference/en/en-US/modules/server-installation.xml
index 53cfaa24b5..f93d579485 100755
--- a/docbook/reference/en/en-US/modules/server-installation.xml
+++ b/docbook/reference/en/en-US/modules/server-installation.xml
@@ -337,153 +337,157 @@ keycloak-war-dist-all-1.0-beta-3-SNAPSHOT/
             <warning>
                 <para>
                     Keycloak is not set up by default to handle SSL/HTTPS in either the
-                    war distribution or appliance.  It is highly recommended that you enable it!
+                    war distribution or appliance.  It is highly recommended that you either enable SSL on the Keycloak server
+                    itself or on a reverse proxy in front of the Keycloak server.
                 </para>
             </warning>
+
             <para>
-                The following things need to be done
-                <itemizedlist>
-
-                    <listitem>
-                        Generate a self signed or third-party signed certificate and import it into a Java keystore
-                        using <literal>keytool</literal>.
-                    </listitem>
-
-                    <listitem>
-                        Enable JBoss or Wildfly to use this certificate and turn on SSL/HTTPS.
-                    </listitem>
-
-                    <listitem>
-                        Configure the Keycloak Server to enforce HTTPS connections.
-                    </listitem>
-                </itemizedlist>
+                First enable SSL on Keycloak or on a reverse proxy in front of Keycloak. Then configure the Keycloak Server to enforce HTTPS connections.
             </para>
+
             <section>
-                <title>Creating the Certificate and Java Keystore</title>
+                <title>Enable SSL on Keycloak</title>
                 <para>
-                    In order to allow HTTPS connections, you need to obtain a self signed or third-party signed certificate
-                    and import it into a Java keystore before you can enable HTTPS in the web container you are deploying
-                    the Keycloak Server to.
+                    The following things need to be done
+                    <itemizedlist>
+
+                        <listitem>
+                            Generate a self signed or third-party signed certificate and import it into a Java keystore
+                            using <literal>keytool</literal>.
+                        </listitem>
+
+                        <listitem>
+                            Enable JBoss or Wildfly to use this certificate and turn on SSL/HTTPS.
+                        </listitem>
+                    </itemizedlist>
                 </para>
                 <section>
-                    <title>Self Signed Certificate</title>
+                    <title>Creating the Certificate and Java Keystore</title>
                     <para>
-                        In development, you will probably not have a third party signed certificate available to test
-                        a Keycloak deployment so you'll need to generate a self-signed on.  Generate one is very easy
-                        to do with the <literal>keytool</literal> utility that comes with the Java jdk.
+                        In order to allow HTTPS connections, you need to obtain a self signed or third-party signed certificate
+                        and import it into a Java keystore before you can enable HTTPS in the web container you are deploying
+                        the Keycloak Server to.
+                    </para>
+                    <section>
+                        <title>Self Signed Certificate</title>
+                        <para>
+                            In development, you will probably not have a third party signed certificate available to test
+                            a Keycloak deployment so you'll need to generate a self-signed on.  Generate one is very easy
+                            to do with the <literal>keytool</literal> utility that comes with the Java jdk.
+                        </para>
+                        <para>
+    <programlisting>
+    $ keytool -genkey -alias localhost -keyalg RSA -keystore keycloak.jks -validity 10950
+        Enter keystore password: secret
+        Re-enter new password: secret
+        What is your first and last name?
+        [Unknown]:  localhost
+        What is the name of your organizational unit?
+        [Unknown]:  Keycloak
+        What is the name of your organization?
+        [Unknown]:  Red Hat
+        What is the name of your City or Locality?
+        [Unknown]:  Westford
+        What is the name of your State or Province?
+        [Unknown]:  MA
+        What is the two-letter country code for this unit?
+        [Unknown]:  US
+        Is CN=localhost, OU=Keycloak, O=Test, L=Westford, ST=MA, C=US correct?
+        [no]:  yes
+    </programlisting>
+                        </para>
+                        <para>
+                            You should answer the <literal>What is your first and last name?</literal> question with
+                            the DNS name of the machine you're installing the server on.  For testing purposes,
+                            <literal>localhost</literal> should be used.  After executing this command, the
+                            <literal>keycloak.jks</literal> file will be generated in the same directory as you executed
+                            the <literal>keytool</literal> command in.
+                        </para>
+                        <para>
+                            If you want a third-party signed certificate, but don't have one, you can obtain one for free
+                            at <ulink url="http://cacert.org">cacert.org</ulink>.  You'll have to do a little set up first
+                            before doing this though.
+                        </para>
+                        <para>
+                            The first thing to do is generate a Certificate Request:
+    <programlisting>
+    $ keytool -certreq -alias yourdomain -keystore keycloak.jks > keycloak.careq
+    </programlisting>
+                        </para>
+                        <para>
+                             Where <literal>yourdomain</literal> is a DNS name for which this certificate is generated for.
+                             Keytool generates the request:
+    <programlisting>
+    -----BEGIN NEW CERTIFICATE REQUEST-----
+    MIIC2jCCAcICAQAwZTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1BMREwDwYDVQQHEwhXZXN0Zm9y
+    ZDEQMA4GA1UEChMHUmVkIEhhdDEQMA4GA1UECxMHUmVkIEhhdDESMBAGA1UEAxMJbG9jYWxob3N0
+    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7kck2TaavlEOGbcpi9c0rncY4HhdzmY
+    Ax2nZfq1eZEaIPqI5aTxwQZzzLDK9qbeAd8Ji79HzSqnRDxNYaZu7mAYhFKHgixsolE3o5Yfzbw1
+    29Rvy+eUVe+WZxv5oo9wolVVpdSINIMEL2LaFhtX/c1dqiqYVpfnvFshZQaIg2nL8juzZcBjj4as
+    H98gIS7khql/dkZKsw9NLvyxgJvp7PaXurX29fNf3ihG+oFrL22oFyV54BWWxXCKU/GPn61EGZGw
+    Ft2qSIGLdctpMD1aJR2bcnlhEjZKDksjQZoQ5YMXaAGkcYkG6QkgrocDE2YXDbi7GIdf9MegVJ35
+    2DQMpwIDAQABoDAwLgYJKoZIhvcNAQkOMSEwHzAdBgNVHQ4EFgQUQwlZJBA+fjiDdiVzaO9vrE/i
+    n2swDQYJKoZIhvcNAQELBQADggEBAC5FRvMkhal3q86tHPBYWBuTtmcSjs4qUm6V6f63frhveWHf
+    PzRrI1xH272XUIeBk0gtzWo0nNZnf0mMCtUBbHhhDcG82xolikfqibZijoQZCiGiedVjHJFtniDQ
+    9bMDUOXEMQ7gHZg5q6mJfNG9MbMpQaUVEEFvfGEQQxbiFK7hRWU8S23/d80e8nExgQxdJWJ6vd0X
+    MzzFK6j4Dj55bJVuM7GFmfdNC52pNOD5vYe47Aqh8oajHX9XTycVtPXl45rrWAH33ftbrS8SrZ2S
+    vqIFQeuLL3BaHwpl3t7j2lMWcK1p80laAxEASib/fAwrRHpLHBXRcq6uALUOZl4Alt8=
+    -----END NEW CERTIFICATE REQUEST-----
+     </programlisting>
+                        </para>
+                        <para>
+                            Send this ca request to your CA.  The CA will issue you a signed certificate and send it to you.
+                            Before you import your new cert, you must obtain and import the root certificate of the CA.
+                            You can download the cert from CA (ie.: root.crt) and import as follows:
+    <programlisting>
+    $ keytool -import -keystore keycloak.jks -file root.crt -alias root
+    </programlisting>
+                        </para>
+                        <para>
+                            Last step is import your new CA generated certificate to your keystore:
+    <programlisting>
+    $ keytool -import -alias yourdomain -keystore keycloak.jks -file your-certificate.cer
+    </programlisting>
+                        </para>
+                    </section>
+                </section>
+                <section>
+                    <title>Installing the keystore to WildFly</title>
+                    <para>
+                        Now that you have a Java keystore with the appropriate certificates, you need to configure your
+                        Wildfly installation to use it.  First step is to move the keystore file to a directory
+                        you can reference in configuration.  I like to put it in <literal>standalone/configuration</literal>.
+                        Then you need to edit <literal>standalone/configuration/standalone.xml</literal> to enable SSL/HTTPS.
                     </para>
                     <para>
-<programlisting>
-$ keytool -genkey -alias localhost -keyalg RSA -keystore keycloak.jks -validity 10950
-    Enter keystore password: secret
-    Re-enter new password: secret
-    What is your first and last name?
-    [Unknown]:  localhost
-    What is the name of your organizational unit?
-    [Unknown]:  Keycloak
-    What is the name of your organization?
-    [Unknown]:  Red Hat
-    What is the name of your City or Locality?
-    [Unknown]:  Westford
-    What is the name of your State or Province?
-    [Unknown]:  MA
-    What is the two-letter country code for this unit?
-    [Unknown]:  US
-    Is CN=localhost, OU=Keycloak, O=Test, L=Westford, ST=MA, C=US correct?
-    [no]:  yes
-</programlisting>
+                        To the <literal>security-realms</literal> element add:
+                        <programlisting><![CDATA[<security-realm name="UndertowRealm">
+        <server-identities>
+            <ssl>
+                <keystore path="keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="secret" />
+            </ssl>
+        </server-identities>
+    </security-realm>]]></programlisting>
                     </para>
                     <para>
-                        You should answer the <literal>What is your first and last name?</literal> question with
-                        the DNS name of the machine you're installing the server on.  For testing purposes,
-                        <literal>localhost</literal> should be used.  After executing this command, the
-                        <literal>keycloak.jks</literal> file will be generated in the same directory as you executed
-                        the <literal>keytool</literal> command in.
+                        Find the element <literal>&lt;server name="default-server"&gt;</literal> (it's a child element of <literal>&lt;subsystem xmlns="urn:jboss:domain:undertow:1.0"&gt;</literal>) and add:
+                        <programlisting><![CDATA[<https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>
+    ]]></programlisting>
                     </para>
                     <para>
-                        If you want a third-party signed certificate, but don't have one, you can obtain one for free
-                        at <ulink url="http://cacert.org">cacert.org</ulink>.  You'll have to do a little set up first
-                        before doing this though.
-                    </para>
-                    <para>
-                        The first thing to do is generate a Certificate Request:
-<programlisting>
-$ keytool -certreq -alias yourdomain -keystore keycloak.jks > keycloak.careq
-</programlisting>
-                    </para>
-                    <para>
-                         Where <literal>yourdomain</literal> is a DNS name for which this certificate is generated for.
-                         Keytool generates the request:
-<programlisting>
------BEGIN NEW CERTIFICATE REQUEST-----
-MIIC2jCCAcICAQAwZTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1BMREwDwYDVQQHEwhXZXN0Zm9y
-ZDEQMA4GA1UEChMHUmVkIEhhdDEQMA4GA1UECxMHUmVkIEhhdDESMBAGA1UEAxMJbG9jYWxob3N0
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7kck2TaavlEOGbcpi9c0rncY4HhdzmY
-Ax2nZfq1eZEaIPqI5aTxwQZzzLDK9qbeAd8Ji79HzSqnRDxNYaZu7mAYhFKHgixsolE3o5Yfzbw1
-29Rvy+eUVe+WZxv5oo9wolVVpdSINIMEL2LaFhtX/c1dqiqYVpfnvFshZQaIg2nL8juzZcBjj4as
-H98gIS7khql/dkZKsw9NLvyxgJvp7PaXurX29fNf3ihG+oFrL22oFyV54BWWxXCKU/GPn61EGZGw
-Ft2qSIGLdctpMD1aJR2bcnlhEjZKDksjQZoQ5YMXaAGkcYkG6QkgrocDE2YXDbi7GIdf9MegVJ35
-2DQMpwIDAQABoDAwLgYJKoZIhvcNAQkOMSEwHzAdBgNVHQ4EFgQUQwlZJBA+fjiDdiVzaO9vrE/i
-n2swDQYJKoZIhvcNAQELBQADggEBAC5FRvMkhal3q86tHPBYWBuTtmcSjs4qUm6V6f63frhveWHf
-PzRrI1xH272XUIeBk0gtzWo0nNZnf0mMCtUBbHhhDcG82xolikfqibZijoQZCiGiedVjHJFtniDQ
-9bMDUOXEMQ7gHZg5q6mJfNG9MbMpQaUVEEFvfGEQQxbiFK7hRWU8S23/d80e8nExgQxdJWJ6vd0X
-MzzFK6j4Dj55bJVuM7GFmfdNC52pNOD5vYe47Aqh8oajHX9XTycVtPXl45rrWAH33ftbrS8SrZ2S
-vqIFQeuLL3BaHwpl3t7j2lMWcK1p80laAxEASib/fAwrRHpLHBXRcq6uALUOZl4Alt8=
------END NEW CERTIFICATE REQUEST-----
- </programlisting>
-                    </para>
-                    <para>
-                        Send this ca request to your CA.  The CA will issue you a signed certificate and send it to you.
-                        Before you import your new cert, you must obtain and import the root certificate of the CA.
-                        You can download the cert from CA (ie.: root.crt) and import as follows:
-<programlisting>
-$ keytool -import -keystore keycloak.jks -file root.crt -alias root
-</programlisting>
-                    </para>
-                    <para>
-                        Last step is import your new CA generated certificate to your keystore:
-<programlisting>
-$ keytool -import -alias yourdomain -keystore keycloak.jks -file your-certificate.cer
-</programlisting>
+                        Check the <ulink url="https://docs.jboss.org/author/display/WFLY8/Undertow+(web)+subsystem+configuration">Wildfly Undertow</ulink> documentation for more information on fine tuning the socket connections.
                     </para>
                 </section>
-            </section>
-            <section>
-                <title>Installing the keystore to WildFly</title>
-                <para>
-                    Now that you have a Java keystore with the appropriate certificates, you need to configure your
-                    Wildfly installation to use it.  First step is to move the keystore file to a directory
-                    you can reference in configuration.  I like to put it in <literal>standalone/configuration</literal>.
-                    Then you need to edit <literal>standalone/configuration/standalone.xml</literal> to enable SSL/HTTPS.
-                </para>
-                <para>
-                    To the <literal>security-realms</literal> element add:
-                    <programlisting><![CDATA[<security-realm name="UndertowRealm">
-    <server-identities>
-        <ssl>
-            <keystore path="keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="secret" />
-        </ssl>
-    </server-identities>
-</security-realm>]]></programlisting>
-                </para>
-                <para>
-                    Find the element <literal>&lt;server name="default-server"&gt;</literal> (it's a child element of <literal>&lt;subsystem xmlns="urn:jboss:domain:undertow:1.0"&gt;</literal>) and add:
-                    <programlisting><![CDATA[<https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>
-]]></programlisting>
-                </para>
-                <para>
-                    Check the <ulink url="https://docs.jboss.org/author/display/WFLY8/Undertow+(web)+subsystem+configuration">Wildfly Undertow</ulink> documentation for more information on fine tuning the socket connections.
-                </para>
-            </section>
-            <section>
-                <title>Installing the keystore to JBoss EAP6/AS7</title>
-                <para>
-                    Now that you have a Java keystore with the appropriate certificates, you need to configure your
-                    JBoss EAP6/AS7 installation to use it.  First step is to move the keystore file to a directory
-                    you can reference in configuration.  I like to put it in <literal>standalone/configuration</literal>.
-                    Then you need to edit <literal>standalone/configuration/standalone.xml</literal> to enable SSL/HTTPS.
-                </para>
-                <para>
+                <section>
+                    <title>Installing the keystore to JBoss EAP6/AS7</title>
+                    <para>
+                        Now that you have a Java keystore with the appropriate certificates, you need to configure your
+                        JBoss EAP6/AS7 installation to use it.  First step is to move the keystore file to a directory
+                        you can reference in configuration.  I like to put it in <literal>standalone/configuration</literal>.
+                        Then you need to edit <literal>standalone/configuration/standalone.xml</literal> to enable SSL/HTTPS.
+                    </para>
+                    <para>
 <programlisting><![CDATA[<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
    <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"  redirect-port="443" />
    <connector name="https" scheme="https" protocol="HTTP/1.1" socket-binding="https"
@@ -493,11 +497,35 @@ $ keytool -import -alias yourdomain -keystore keycloak.jks -file your-certificat
    </connector>
         ...
 </subsystem>]]></programlisting>
+                    </para>
+                    <para>
+                        Check the <ulink url="https://docs.jboss.org/author/display/AS71/SSL+setup+guide">JBoss</ulink> documentation for more information on fine tuning the socket connections.
+                    </para>
+                </section>
+            </section>
+
+            <section>
+                <title>Enable SSL on a Reverse Proxy</title>
+                <para>
+                    Follow the documentation for your web server to enable SSL and configure reverse proxy for Keycloak.
+                    It is important that you make sure the web server sets the <literal>X-Forwarded-For</literal> and
+                    <literal>X-Forwarded-Proto</literal> headers on the requests made to Keycloak. Next you need to enable
+                    <literal>proxy-address-forwarding</literal> on the Keycloak http connector. This is done by editing
+                    <literal>standalone/configuration/standalone.xml</literal>.
                 </para>
                 <para>
-                    Check the <ulink url="https://docs.jboss.org/author/display/AS71/SSL+setup+guide">JBoss</ulink> documentation for more information on fine tuning the socket connections.
+<programlisting><![CDATA[<subsystem xmlns="urn:jboss:domain:undertow:1.1">
+    ...
+    <http-listener name="default" socket-binding="http" proxy-address-forwarding="true"/>
+    ...
+</subsystem>
+]]></programlisting>
+                </para>
+                <para>
+                    Check the <ulink url="https://docs.jboss.org/author/display/WFLY8/Undertow+(web)+subsystem+configuration">WildFly</ulink> documentation for more information.
                 </para>
             </section>
+
             <section>
                 <title>Enforce HTTPS For Server Connections</title>
                 <para>
@@ -519,6 +547,7 @@ $ keytool -import -alias yourdomain -keystore keycloak.jks -file your-certificat
 </web-app>]]></programlisting>
                 </para>
             </section>
+
             <section>
                 <title>Enforce HTTPS at Realm Level</title>
                 <para>

From 34eb34c5fcc840528b3a70a77aa7c39adaecec08 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Wed, 18 Jun 2014 11:08:06 +0100
Subject: [PATCH 11/15] Added documentation to specify https redirect port

---
 .../en/en-US/modules/server-installation.xml    | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/docbook/reference/en/en-US/modules/server-installation.xml b/docbook/reference/en/en-US/modules/server-installation.xml
index f93d579485..d7428d642c 100755
--- a/docbook/reference/en/en-US/modules/server-installation.xml
+++ b/docbook/reference/en/en-US/modules/server-installation.xml
@@ -510,15 +510,26 @@ keycloak-war-dist-all-1.0-beta-3-SNAPSHOT/
                     Follow the documentation for your web server to enable SSL and configure reverse proxy for Keycloak.
                     It is important that you make sure the web server sets the <literal>X-Forwarded-For</literal> and
                     <literal>X-Forwarded-Proto</literal> headers on the requests made to Keycloak. Next you need to enable
-                    <literal>proxy-address-forwarding</literal> on the Keycloak http connector. This is done by editing
-                    <literal>standalone/configuration/standalone.xml</literal>.
+                    <literal>proxy-address-forwarding</literal> on the Keycloak http connector. Assuming that your reverse
+                    proxy doesn't use port 8443 for SSL you also need to configure what port http traffic is redirected to.
+                    This is done by editing <literal>standalone/configuration/standalone.xml</literal>.
                 </para>
+                First add <literal>proxy-address-forwarding</literal> and <literal>redirect-socket</literal> to the <literal>http-listener</literal>
+                element:
                 <para>
 <programlisting><![CDATA[<subsystem xmlns="urn:jboss:domain:undertow:1.1">
     ...
-    <http-listener name="default" socket-binding="http" proxy-address-forwarding="true"/>
+    <http-listener name="default" socket-binding="http" proxy-address-forwarding="true" redirect-socket="proxy-https"/>
     ...
 </subsystem>
+]]></programlisting>
+                Then add a new <literal>socket-binding</literal> element to the <literal>socket-binding-group</literal> element:
+<programlisting><![CDATA[
+<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
+    ...
+    <socket-binding name="proxy-https" port="443"/>
+    ...
+</socket-binding-group>
 ]]></programlisting>
                 </para>
                 <para>

From 19a545049b31fbcbd3b8a50f44674b989b7b4716 Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Wed, 18 Jun 2014 12:31:55 +0200
Subject: [PATCH 12/15] KEYCLOAK-536 Fix Sybase - role can't be used as column
 name as it's keyword in sybase

---
 .../main/java/org/keycloak/models/jpa/ApplicationAdapter.java  | 2 +-
 .../src/main/java/org/keycloak/models/jpa/RealmAdapter.java    | 2 +-
 .../models/jpa/entities/AbstractRoleMappingEntity.java         | 3 +++
 .../main/java/org/keycloak/models/jpa/entities/RoleEntity.java | 2 +-
 .../org/keycloak/models/jpa/entities/ScopeMappingEntity.java   | 3 +++
 5 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/ApplicationAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/ApplicationAdapter.java
index 36ea18247a..11ee6f07b9 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/ApplicationAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/ApplicationAdapter.java
@@ -142,7 +142,7 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode
 
         applicationEntity.getRoles().remove(role);
         applicationEntity.getDefaultRoles().remove(role);
-        em.createNativeQuery("delete from CompositeRole where role = :role").setParameter("role", role).executeUpdate();
+        em.createNativeQuery("delete from CompositeRole where childRole = :role").setParameter("role", role).executeUpdate();
         em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", role).executeUpdate();
         em.createQuery("delete from " + UserRoleMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", role).executeUpdate();
         role.setApplication(null);
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
index fb92f1432b..18fc1db8ff 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
@@ -928,7 +928,7 @@ public class RealmAdapter implements RealmModel {
         realm.getRoles().remove(role);
         realm.getDefaultRoles().remove(role);
 
-        em.createNativeQuery("delete from CompositeRole where role = :role").setParameter("role", roleEntity).executeUpdate();
+        em.createNativeQuery("delete from CompositeRole where childRole = :role").setParameter("role", roleEntity).executeUpdate();
         em.createQuery("delete from " + UserRoleMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
         em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
 
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AbstractRoleMappingEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AbstractRoleMappingEntity.java
index 685aed752c..2ab0d00cc7 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AbstractRoleMappingEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/AbstractRoleMappingEntity.java
@@ -3,6 +3,7 @@ package org.keycloak.models.jpa.entities;
 import javax.persistence.FetchType;
 import javax.persistence.GeneratedValue;
 import javax.persistence.Id;
+import javax.persistence.JoinColumn;
 import javax.persistence.ManyToOne;
 import javax.persistence.MappedSuperclass;
 
@@ -20,7 +21,9 @@ public class AbstractRoleMappingEntity {
     protected String id;
     @ManyToOne(fetch= FetchType.LAZY)
     protected UserEntity user;
+
     @ManyToOne(fetch= FetchType.LAZY)
+    @JoinColumn(name="roleId")
     protected RoleEntity role;
 
     public String getId() {
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java
index 5be5fed2e5..d3fc6dfb8c 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java
@@ -59,7 +59,7 @@ public class RoleEntity {
     private String appRealmConstraint;
 
     @ManyToMany(fetch = FetchType.LAZY, cascade = {})
-    @JoinTable(name = "CompositeRole", joinColumns = @JoinColumn(name = "composite"), inverseJoinColumns = @JoinColumn(name = "role"))
+    @JoinTable(name = "CompositeRole", joinColumns = @JoinColumn(name = "composite"), inverseJoinColumns = @JoinColumn(name = "childRole"))
     private Collection<RoleEntity> compositeRoles = new ArrayList<RoleEntity>();
 
     public String getId() {
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ScopeMappingEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ScopeMappingEntity.java
index e1a00f9838..b45b69b8e4 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ScopeMappingEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ScopeMappingEntity.java
@@ -6,6 +6,7 @@ import javax.persistence.Entity;
 import javax.persistence.FetchType;
 import javax.persistence.GeneratedValue;
 import javax.persistence.Id;
+import javax.persistence.JoinColumn;
 import javax.persistence.ManyToOne;
 import javax.persistence.NamedQueries;
 import javax.persistence.NamedQuery;
@@ -27,7 +28,9 @@ public class ScopeMappingEntity {
     protected String id;
     @ManyToOne(fetch= FetchType.LAZY)
     protected ClientEntity client;
+
     @ManyToOne(fetch= FetchType.LAZY)
+    @JoinColumn(name="roleId")
     protected RoleEntity role;
 
     public String getId() {

From 9beb210c23d576a38203998097198c09dea3e457 Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Wed, 18 Jun 2014 18:08:05 +0200
Subject: [PATCH 13/15] fix javascript error when click on 'Show Expires' and
 token is not active

---
 examples/js-console/src/main/webapp/index.html | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/examples/js-console/src/main/webapp/index.html b/examples/js-console/src/main/webapp/index.html
index 468dfaeb9b..b0cbf3987d 100644
--- a/examples/js-console/src/main/webapp/index.html
+++ b/examples/js-console/src/main/webapp/index.html
@@ -48,6 +48,11 @@
     }
 
     function showExpires() {
+        if (!keycloak.tokenParsed) {
+            output("Not authenticated");
+            return;
+        }
+
         var o = 'Token Expires:\t\t' + new Date(keycloak.tokenParsed.exp * 1000).toLocaleString() + '\n';
         o += 'Token Expires in:\t' + Math.round(keycloak.tokenParsed.exp - new Date().getTime() / 1000) + ' seconds\n';
 

From df2305eb024191a7068725ba9b52bccefcb83fa6 Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Thu, 19 Jun 2014 10:19:10 +0100
Subject: [PATCH 14/15] Bumped version to 1.0-beta-4-SNAPSHOT

---
 audit/api/pom.xml                             |  2 +-
 audit/email/pom.xml                           |  2 +-
 audit/jboss-logging/pom.xml                   |  2 +-
 audit/jpa/pom.xml                             |  2 +-
 audit/mongo/pom.xml                           |  2 +-
 audit/pom.xml                                 |  2 +-
 audit/tests/pom.xml                           |  2 +-
 authentication/authentication-api/pom.xml     |  2 +-
 authentication/authentication-model/pom.xml   |  2 +-
 .../authentication-picketlink/pom.xml         |  2 +-
 authentication/pom.xml                        |  2 +-
 core-jaxrs/pom.xml                            |  2 +-
 core/pom.xml                                  |  2 +-
 distribution/appliance-dist/pom.xml           |  2 +-
 distribution/as7-adapter-zip/pom.xml          |  2 +-
 distribution/eap6-adapter-zip/pom.xml         |  2 +-
 distribution/examples-docs-zip/pom.xml        |  2 +-
 distribution/modules/pom.xml                  |  2 +-
 distribution/pom.xml                          |  2 +-
 distribution/src-dist/pom.xml                 |  2 +-
 distribution/theme-template-zip/pom.xml       |  2 +-
 distribution/war-dist/pom.xml                 |  2 +-
 distribution/war-zip/pom.xml                  |  2 +-
 distribution/wildfly-adapter-zip/pom.xml      |  2 +-
 docbook/pom.xml                               |  2 +-
 docbook/reference/en/en-US/master.xml         |  2 +-
 .../en/en-US/modules/server-installation.xml  | 22 +++++++++----------
 docbook/reference/en/en-US/modules/themes.xml |  4 ++--
 examples/cors/angular-product-app/pom.xml     |  2 +-
 examples/cors/database-service/pom.xml        |  2 +-
 examples/cors/pom.xml                         |  2 +-
 .../demo-template/admin-access-app/pom.xml    |  2 +-
 .../demo-template/angular-product-app/pom.xml |  2 +-
 .../demo-template/customer-app-cli/pom.xml    |  2 +-
 .../demo-template/customer-app-js/pom.xml     |  2 +-
 examples/demo-template/customer-app/pom.xml   |  2 +-
 .../demo-template/database-service/pom.xml    |  2 +-
 examples/demo-template/pom.xml                |  2 +-
 examples/demo-template/product-app/pom.xml    |  2 +-
 .../demo-template/third-party-cdi/pom.xml     |  2 +-
 examples/demo-template/third-party/pom.xml    |  2 +-
 examples/js-console/pom.xml                   |  2 +-
 examples/pom.xml                              |  2 +-
 .../providers/audit-listener-sysout/pom.xml   |  2 +-
 examples/providers/audit-provider-mem/pom.xml |  2 +-
 .../authentication-properties/pom.xml         |  2 +-
 examples/providers/pom.xml                    |  2 +-
 export-import/export-import-api/pom.xml       |  2 +-
 export-import/export-import-impl/pom.xml      |  2 +-
 export-import/pom.xml                         |  2 +-
 forms/account-api/pom.xml                     |  2 +-
 forms/account-freemarker/pom.xml              |  2 +-
 forms/common-freemarker/pom.xml               |  2 +-
 forms/common-themes/pom.xml                   |  2 +-
 forms/email-api/pom.xml                       |  2 +-
 forms/email-freemarker/pom.xml                |  2 +-
 forms/login-api/pom.xml                       |  2 +-
 forms/login-freemarker/pom.xml                |  2 +-
 forms/pom.xml                                 |  2 +-
 integration/adapter-core/pom.xml              |  2 +-
 integration/as7-eap-subsystem/pom.xml         |  2 +-
 integration/as7-eap6/adapter/pom.xml          |  2 +-
 integration/installed/pom.xml                 |  2 +-
 integration/jaxrs-oauth-client/pom.xml        |  2 +-
 integration/jboss-adapter-core/pom.xml        |  2 +-
 integration/js/pom.xml                        |  2 +-
 integration/pom.xml                           |  2 +-
 integration/servlet-oauth-client/pom.xml      |  2 +-
 integration/tomcat7/adapter/pom.xml           |  2 +-
 integration/undertow/pom.xml                  |  2 +-
 integration/wildfly-adapter/pom.xml           |  2 +-
 integration/wildfly-subsystem/pom.xml         |  2 +-
 model/api/pom.xml                             |  2 +-
 .../invalidation-cache/model-adapters/pom.xml |  2 +-
 model/invalidation-cache/pom.xml              |  2 +-
 model/jpa/pom.xml                             |  2 +-
 model/mongo/pom.xml                           |  2 +-
 model/pom.xml                                 |  2 +-
 model/tests/pom.xml                           |  2 +-
 picketlink/keycloak-picketlink-api/pom.xml    |  2 +-
 picketlink/keycloak-picketlink-realm/pom.xml  |  2 +-
 picketlink/pom.xml                            |  2 +-
 pom.xml                                       |  2 +-
 project-integrations/aerogear-ups/app/pom.xml |  2 +-
 .../aerogear-ups/auth-server/pom.xml          |  2 +-
 project-integrations/aerogear-ups/pom.xml     |  2 +-
 project-integrations/pom.xml                  |  2 +-
 server/pom.xml                                |  2 +-
 services/pom.xml                              |  2 +-
 social/core/pom.xml                           |  2 +-
 social/facebook/pom.xml                       |  2 +-
 social/github/pom.xml                         |  2 +-
 social/google/pom.xml                         |  2 +-
 social/pom.xml                                |  2 +-
 social/twitter/pom.xml                        |  2 +-
 testsuite/integration/pom.xml                 |  2 +-
 testsuite/performance/pom.xml                 |  2 +-
 testsuite/pom.xml                             |  2 +-
 timer/api/pom.xml                             |  2 +-
 timer/basic/pom.xml                           |  2 +-
 timer/pom.xml                                 |  2 +-
 101 files changed, 112 insertions(+), 112 deletions(-)

diff --git a/audit/api/pom.xml b/audit/api/pom.xml
index 024bd42570..c9c56b1597 100755
--- a/audit/api/pom.xml
+++ b/audit/api/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-audit-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
diff --git a/audit/email/pom.xml b/audit/email/pom.xml
index 6152372b50..e8545eb6a7 100755
--- a/audit/email/pom.xml
+++ b/audit/email/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-audit-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
diff --git a/audit/jboss-logging/pom.xml b/audit/jboss-logging/pom.xml
index 429999524f..b4c64876d4 100755
--- a/audit/jboss-logging/pom.xml
+++ b/audit/jboss-logging/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-audit-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
diff --git a/audit/jpa/pom.xml b/audit/jpa/pom.xml
index 5301ec8d26..d124c39e25 100755
--- a/audit/jpa/pom.xml
+++ b/audit/jpa/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-audit-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
diff --git a/audit/mongo/pom.xml b/audit/mongo/pom.xml
index db8a5eda35..481ba0a4f7 100755
--- a/audit/mongo/pom.xml
+++ b/audit/mongo/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-audit-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
diff --git a/audit/pom.xml b/audit/pom.xml
index 57f7dfbd75..b6ae9e3650 100755
--- a/audit/pom.xml
+++ b/audit/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/audit/tests/pom.xml b/audit/tests/pom.xml
index 575aa8764d..c3efa5abbb 100755
--- a/audit/tests/pom.xml
+++ b/audit/tests/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>keycloak-audit-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
diff --git a/authentication/authentication-api/pom.xml b/authentication/authentication-api/pom.xml
index 219b6c2eed..8471acd6fc 100755
--- a/authentication/authentication-api/pom.xml
+++ b/authentication/authentication-api/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-authentication-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/authentication/authentication-model/pom.xml b/authentication/authentication-model/pom.xml
index c05cd3706e..711ea534e0 100755
--- a/authentication/authentication-model/pom.xml
+++ b/authentication/authentication-model/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-authentication-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/authentication/authentication-picketlink/pom.xml b/authentication/authentication-picketlink/pom.xml
index 1c3ba9c0c5..3ca1a10a88 100755
--- a/authentication/authentication-picketlink/pom.xml
+++ b/authentication/authentication-picketlink/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-authentication-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/authentication/pom.xml b/authentication/pom.xml
index 16573afd97..f7ea914bfb 100755
--- a/authentication/pom.xml
+++ b/authentication/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/core-jaxrs/pom.xml b/core-jaxrs/pom.xml
index e4e8fea3ad..c531f91b6e 100755
--- a/core-jaxrs/pom.xml
+++ b/core-jaxrs/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/core/pom.xml b/core/pom.xml
index e0c64d20df..90bc87b146 100755
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/distribution/appliance-dist/pom.xml b/distribution/appliance-dist/pom.xml
index f0f03cead5..3b5751aa54 100755
--- a/distribution/appliance-dist/pom.xml
+++ b/distribution/appliance-dist/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/distribution/as7-adapter-zip/pom.xml b/distribution/as7-adapter-zip/pom.xml
index 041743a755..46c76f7141 100755
--- a/distribution/as7-adapter-zip/pom.xml
+++ b/distribution/as7-adapter-zip/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/distribution/eap6-adapter-zip/pom.xml b/distribution/eap6-adapter-zip/pom.xml
index cb7d209988..a71f747f2f 100755
--- a/distribution/eap6-adapter-zip/pom.xml
+++ b/distribution/eap6-adapter-zip/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/distribution/examples-docs-zip/pom.xml b/distribution/examples-docs-zip/pom.xml
index cc722c1af9..588b82ae11 100755
--- a/distribution/examples-docs-zip/pom.xml
+++ b/distribution/examples-docs-zip/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/distribution/modules/pom.xml b/distribution/modules/pom.xml
index 8db2ce4db6..f1711f72fc 100755
--- a/distribution/modules/pom.xml
+++ b/distribution/modules/pom.xml
@@ -30,7 +30,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/distribution/pom.xml b/distribution/pom.xml
index 4338461143..aee1513109 100755
--- a/distribution/pom.xml
+++ b/distribution/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <name>Distribution</name>
diff --git a/distribution/src-dist/pom.xml b/distribution/src-dist/pom.xml
index 8ed55af080..8f30994eff 100755
--- a/distribution/src-dist/pom.xml
+++ b/distribution/src-dist/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/distribution/theme-template-zip/pom.xml b/distribution/theme-template-zip/pom.xml
index 542177044b..c8f24ed2cc 100755
--- a/distribution/theme-template-zip/pom.xml
+++ b/distribution/theme-template-zip/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/distribution/war-dist/pom.xml b/distribution/war-dist/pom.xml
index 201405a408..2e48008fc1 100755
--- a/distribution/war-dist/pom.xml
+++ b/distribution/war-dist/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/distribution/war-zip/pom.xml b/distribution/war-zip/pom.xml
index c6cb908278..d0ddb28a23 100755
--- a/distribution/war-zip/pom.xml
+++ b/distribution/war-zip/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/distribution/wildfly-adapter-zip/pom.xml b/distribution/wildfly-adapter-zip/pom.xml
index 4f027a74a8..c726cdb8df 100755
--- a/distribution/wildfly-adapter-zip/pom.xml
+++ b/distribution/wildfly-adapter-zip/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/docbook/pom.xml b/docbook/pom.xml
index 62b73755b5..eaae737b7c 100755
--- a/docbook/pom.xml
+++ b/docbook/pom.xml
@@ -6,7 +6,7 @@
 
     <groupId>org.keycloak</groupId>
     <artifactId>keycloak-reference-guide-${translation}</artifactId>
-    <version>1.0-beta-3-SNAPSHOT</version>
+    <version>1.0-beta-4-SNAPSHOT</version>
     <packaging>jdocbook</packaging>
     <name>Keycloak Reference Guide (${translation})</name>
     <description/>
diff --git a/docbook/reference/en/en-US/master.xml b/docbook/reference/en/en-US/master.xml
index 3e525cd712..0fe428fc57 100755
--- a/docbook/reference/en/en-US/master.xml
+++ b/docbook/reference/en/en-US/master.xml
@@ -37,7 +37,7 @@
    <bookinfo>
       <title>Keycloak Reference Guide</title>
       <subtitle>SSO for Web Apps and REST Services</subtitle>
-      <releaseinfo>1.0-beta-3-SNAPSHOT</releaseinfo>
+      <releaseinfo>1.0-beta-4-SNAPSHOT</releaseinfo>
    </bookinfo>
 
    <toc/>
diff --git a/docbook/reference/en/en-US/modules/server-installation.xml b/docbook/reference/en/en-US/modules/server-installation.xml
index d7428d642c..769feec695 100755
--- a/docbook/reference/en/en-US/modules/server-installation.xml
+++ b/docbook/reference/en/en-US/modules/server-installation.xml
@@ -8,11 +8,11 @@
         <itemizedlist>
 
             <listitem>
-                keycloak-appliance-dist-all-1.0-beta-3-SNAPSHOT.zip
+                keycloak-appliance-dist-all-1.0-beta-4-SNAPSHOT.zip
             </listitem>
 
             <listitem>
-                keycloak-war-dist-all-1.0-beta-3-SNAPSHOT.zip
+                keycloak-war-dist-all-1.0-beta-4-SNAPSHOT.zip
             </listitem>
 
         </itemizedlist>
@@ -31,7 +31,7 @@
 
         <para>
 <programlisting>
-keycloak-appliance-dist-all-1.0-beta-3-SNAPSHOT/
+keycloak-appliance-dist-all-1.0-beta-4-SNAPSHOT/
     keycloak/
         bin/
             standalone.sh
@@ -42,9 +42,9 @@ keycloak-appliance-dist-all-1.0-beta-3-SNAPSHOT/
                 keycloak-server.json
                 themes/
     adapters/
-        keycloak-as7-adapter-dist-1.0-beta-3-SNAPSHOT.zip
-        keycloak-eap6-adapter-dist-1.0-beta-3-SNAPSHOT.zip
-        keycloak-wildfly-adapter-dist-1.0-beta-3-SNAPSHOT.zip
+        keycloak-as7-adapter-dist-1.0-beta-4-SNAPSHOT.zip
+        keycloak-eap6-adapter-dist-1.0-beta-4-SNAPSHOT.zip
+        keycloak-wildfly-adapter-dist-1.0-beta-4-SNAPSHOT.zip
     examples/
     docs/
 </programlisting>
@@ -79,7 +79,7 @@ keycloak-appliance-dist-all-1.0-beta-3-SNAPSHOT/
         </para>
         <para>
 <programlisting>
-keycloak-war-dist-all-1.0-beta-3-SNAPSHOT/
+keycloak-war-dist-all-1.0-beta-4-SNAPSHOT/
     deployments/
         auth-server.war/
         keycloak-ds.xml
@@ -87,9 +87,9 @@ keycloak-war-dist-all-1.0-beta-3-SNAPSHOT/
         keycloak-server.json
         themes/
     adapters/
-        keycloak-as7-adapter-dist-1.0-beta-3-SNAPSHOT.zip
-        keycloak-eap6-adapter-dist-1.0-beta-3-SNAPSHOT.zip
-        keycloak-wildfly-adapter-dist-1.0-beta-3-SNAPSHOT.zip
+        keycloak-as7-adapter-dist-1.0-beta-4-SNAPSHOT.zip
+        keycloak-eap6-adapter-dist-1.0-beta-4-SNAPSHOT.zip
+        keycloak-wildfly-adapter-dist-1.0-beta-4-SNAPSHOT.zip
     examples/
     docs/
 </programlisting>
@@ -101,7 +101,7 @@ keycloak-war-dist-all-1.0-beta-3-SNAPSHOT/
         </para>
         <para>
 <programlisting>
-    $ cd keycloak-war-dist-all-1.0-beta-3-SNAPSHOT
+    $ cd keycloak-war-dist-all-1.0-beta-4-SNAPSHOT
     $ cp -r deployments $JBOSS_HOME/standalone
 </programlisting>
         </para>
diff --git a/docbook/reference/en/en-US/modules/themes.xml b/docbook/reference/en/en-US/modules/themes.xml
index c156452cbb..bef70165ce 100755
--- a/docbook/reference/en/en-US/modules/themes.xml
+++ b/docbook/reference/en/en-US/modules/themes.xml
@@ -154,7 +154,7 @@
             </para>
             <para>
                 Keycloaks default account management provider is built on the FreeMarker template engine (<literal>forms/account-freemarker</literal>).
-                To make sure your provider is loaded you will either need to delete <literal>standalone/deployments/auth-server.war/WEB-INF/lib/keycloak-account-freemarker-1.0-beta-3-SNAPSHOT.jar</literal>
+                To make sure your provider is loaded you will either need to delete <literal>standalone/deployments/auth-server.war/WEB-INF/lib/keycloak-account-freemarker-1.0-beta-4-SNAPSHOT.jar</literal>
                 or disable it with the system property <literal>org.keycloak.account.freemarker.FreeMarkerAccountProviderFactory</literal>.
             </para>
         </section>
@@ -167,7 +167,7 @@
             </para>
             <para>
                 Keycloaks default login forms provider is built on the FreeMarker template engine (<literal>forms/login-freemarker</literal>).
-                To make sure your provider is loaded you will either need to delete <literal>standalone/deployments/auth-server.war/WEB-INF/lib/keycloak-login-freemarker-1.0-beta-3-SNAPSHOT.jar</literal>
+                To make sure your provider is loaded you will either need to delete <literal>standalone/deployments/auth-server.war/WEB-INF/lib/keycloak-login-freemarker-1.0-beta-4-SNAPSHOT.jar</literal>
                 or disable it with the system property <literal>org.keycloak.login.freemarker.FreeMarkerLoginFormsProviderFactory</literal>.
             </para>
         </section>
diff --git a/examples/cors/angular-product-app/pom.xml b/examples/cors/angular-product-app/pom.xml
index 9fe68fa620..4ba033ca88 100755
--- a/examples/cors/angular-product-app/pom.xml
+++ b/examples/cors/angular-product-app/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/cors/database-service/pom.xml b/examples/cors/database-service/pom.xml
index c219afb9b8..e1c6dbf2ab 100755
--- a/examples/cors/database-service/pom.xml
+++ b/examples/cors/database-service/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/cors/pom.xml b/examples/cors/pom.xml
index fb548c9c40..f5530991b6 100755
--- a/examples/cors/pom.xml
+++ b/examples/cors/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <name>Examples</name>
diff --git a/examples/demo-template/admin-access-app/pom.xml b/examples/demo-template/admin-access-app/pom.xml
index 66df4f3548..dc6a2636ae 100755
--- a/examples/demo-template/admin-access-app/pom.xml
+++ b/examples/demo-template/admin-access-app/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/angular-product-app/pom.xml b/examples/demo-template/angular-product-app/pom.xml
index 39c1ac4f18..f4ccda77ca 100755
--- a/examples/demo-template/angular-product-app/pom.xml
+++ b/examples/demo-template/angular-product-app/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/customer-app-cli/pom.xml b/examples/demo-template/customer-app-cli/pom.xml
index 8db3d1766c..b2bbe84286 100755
--- a/examples/demo-template/customer-app-cli/pom.xml
+++ b/examples/demo-template/customer-app-cli/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/customer-app-js/pom.xml b/examples/demo-template/customer-app-js/pom.xml
index a892df9e72..73e86b6c12 100755
--- a/examples/demo-template/customer-app-js/pom.xml
+++ b/examples/demo-template/customer-app-js/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/customer-app/pom.xml b/examples/demo-template/customer-app/pom.xml
index eb11673fb8..8dead54737 100755
--- a/examples/demo-template/customer-app/pom.xml
+++ b/examples/demo-template/customer-app/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/database-service/pom.xml b/examples/demo-template/database-service/pom.xml
index 1192abce2b..181cb20bd6 100755
--- a/examples/demo-template/database-service/pom.xml
+++ b/examples/demo-template/database-service/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/pom.xml b/examples/demo-template/pom.xml
index 51cf021073..d0495a02bf 100755
--- a/examples/demo-template/pom.xml
+++ b/examples/demo-template/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <name>Examples</name>
diff --git a/examples/demo-template/product-app/pom.xml b/examples/demo-template/product-app/pom.xml
index 21e9cf0ab1..0a4aad6073 100755
--- a/examples/demo-template/product-app/pom.xml
+++ b/examples/demo-template/product-app/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/third-party-cdi/pom.xml b/examples/demo-template/third-party-cdi/pom.xml
index 4cc0c93417..b8933b0097 100755
--- a/examples/demo-template/third-party-cdi/pom.xml
+++ b/examples/demo-template/third-party-cdi/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/demo-template/third-party/pom.xml b/examples/demo-template/third-party/pom.xml
index a95259ef72..7207b8bb1c 100755
--- a/examples/demo-template/third-party/pom.xml
+++ b/examples/demo-template/third-party/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/js-console/pom.xml b/examples/js-console/pom.xml
index bbcf00f1fb..28a991ad3e 100755
--- a/examples/js-console/pom.xml
+++ b/examples/js-console/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath> 
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/examples/pom.xml b/examples/pom.xml
index 950f5c000f..c642443ab8 100755
--- a/examples/pom.xml
+++ b/examples/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <name>Examples</name>
diff --git a/examples/providers/audit-listener-sysout/pom.xml b/examples/providers/audit-listener-sysout/pom.xml
index c57093b9e5..d24711ce1d 100755
--- a/examples/providers/audit-listener-sysout/pom.xml
+++ b/examples/providers/audit-listener-sysout/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>examples-providers-pom</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <name>Audit Listener System.out Example</name>
diff --git a/examples/providers/audit-provider-mem/pom.xml b/examples/providers/audit-provider-mem/pom.xml
index e0b1252982..5cbc31a6f0 100755
--- a/examples/providers/audit-provider-mem/pom.xml
+++ b/examples/providers/audit-provider-mem/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>examples-providers-pom</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <name>Audit Provider In-Mem Example</name>
diff --git a/examples/providers/authentication-properties/pom.xml b/examples/providers/authentication-properties/pom.xml
index 9794628447..1fdd105947 100755
--- a/examples/providers/authentication-properties/pom.xml
+++ b/examples/providers/authentication-properties/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>examples-providers-pom</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <name>Properties Authentication Provider Example</name>
diff --git a/examples/providers/pom.xml b/examples/providers/pom.xml
index fed8a53483..229057df6e 100755
--- a/examples/providers/pom.xml
+++ b/examples/providers/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>examples-pom</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <name>Provider Examples</name>
diff --git a/export-import/export-import-api/pom.xml b/export-import/export-import-api/pom.xml
index 4525d60444..19db6e5e9a 100755
--- a/export-import/export-import-api/pom.xml
+++ b/export-import/export-import-api/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-export-import-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/export-import/export-import-impl/pom.xml b/export-import/export-import-impl/pom.xml
index 2c274364c8..9b10c8a026 100755
--- a/export-import/export-import-impl/pom.xml
+++ b/export-import/export-import-impl/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-export-import-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/export-import/pom.xml b/export-import/pom.xml
index 4a0f1caf1d..b9a5a4d2e5 100755
--- a/export-import/pom.xml
+++ b/export-import/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/forms/account-api/pom.xml b/forms/account-api/pom.xml
index 0a787f1de7..f2a9acda6b 100755
--- a/forms/account-api/pom.xml
+++ b/forms/account-api/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-forms-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/forms/account-freemarker/pom.xml b/forms/account-freemarker/pom.xml
index 70bebd4685..dcfb18d8c1 100755
--- a/forms/account-freemarker/pom.xml
+++ b/forms/account-freemarker/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-forms-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/forms/common-freemarker/pom.xml b/forms/common-freemarker/pom.xml
index 4e4924fc77..41a573b177 100755
--- a/forms/common-freemarker/pom.xml
+++ b/forms/common-freemarker/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-forms-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/forms/common-themes/pom.xml b/forms/common-themes/pom.xml
index dc497f12b0..74ee25eef0 100755
--- a/forms/common-themes/pom.xml
+++ b/forms/common-themes/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-forms-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/forms/email-api/pom.xml b/forms/email-api/pom.xml
index 1bd0ae057d..61a0787e9a 100755
--- a/forms/email-api/pom.xml
+++ b/forms/email-api/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-forms-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/forms/email-freemarker/pom.xml b/forms/email-freemarker/pom.xml
index 62a3135451..22126e065c 100755
--- a/forms/email-freemarker/pom.xml
+++ b/forms/email-freemarker/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-forms-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/forms/login-api/pom.xml b/forms/login-api/pom.xml
index d8399e2679..3068e6fd60 100755
--- a/forms/login-api/pom.xml
+++ b/forms/login-api/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-forms-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/forms/login-freemarker/pom.xml b/forms/login-freemarker/pom.xml
index 31ec8e30a1..33a97b569d 100755
--- a/forms/login-freemarker/pom.xml
+++ b/forms/login-freemarker/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-forms-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/forms/pom.xml b/forms/pom.xml
index 8ae03b6c6a..7ea2ce2c80 100755
--- a/forms/pom.xml
+++ b/forms/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/integration/adapter-core/pom.xml b/integration/adapter-core/pom.xml
index 1b10dc9d4a..eec05bf726 100755
--- a/integration/adapter-core/pom.xml
+++ b/integration/adapter-core/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/integration/as7-eap-subsystem/pom.xml b/integration/as7-eap-subsystem/pom.xml
index 7339025750..f01a5b7805 100755
--- a/integration/as7-eap-subsystem/pom.xml
+++ b/integration/as7-eap-subsystem/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.keycloak</groupId>
         <artifactId>keycloak-parent</artifactId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/integration/as7-eap6/adapter/pom.xml b/integration/as7-eap6/adapter/pom.xml
index 99ec805793..b37dd01ca6 100755
--- a/integration/as7-eap6/adapter/pom.xml
+++ b/integration/as7-eap6/adapter/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/integration/installed/pom.xml b/integration/installed/pom.xml
index 8734c2bb6b..bc540192cb 100755
--- a/integration/installed/pom.xml
+++ b/integration/installed/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/integration/jaxrs-oauth-client/pom.xml b/integration/jaxrs-oauth-client/pom.xml
index 989c3efde6..0b88811abd 100755
--- a/integration/jaxrs-oauth-client/pom.xml
+++ b/integration/jaxrs-oauth-client/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/integration/jboss-adapter-core/pom.xml b/integration/jboss-adapter-core/pom.xml
index 6c504ab855..ffb2a632bf 100755
--- a/integration/jboss-adapter-core/pom.xml
+++ b/integration/jboss-adapter-core/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/integration/js/pom.xml b/integration/js/pom.xml
index c0cec1bab0..a08f3dff14 100755
--- a/integration/js/pom.xml
+++ b/integration/js/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/integration/pom.xml b/integration/pom.xml
index 5e25f121ee..6efed519f5 100755
--- a/integration/pom.xml
+++ b/integration/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <name>Keycloak Integration</name>
diff --git a/integration/servlet-oauth-client/pom.xml b/integration/servlet-oauth-client/pom.xml
index 30881abafc..4e1025471a 100755
--- a/integration/servlet-oauth-client/pom.xml
+++ b/integration/servlet-oauth-client/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/integration/tomcat7/adapter/pom.xml b/integration/tomcat7/adapter/pom.xml
index d73a683aa9..c04cc173fd 100755
--- a/integration/tomcat7/adapter/pom.xml
+++ b/integration/tomcat7/adapter/pom.xml
@@ -4,7 +4,7 @@
     <parent>
 		<artifactId>keycloak-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../../../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/integration/undertow/pom.xml b/integration/undertow/pom.xml
index f6bda05448..b4ab2c1ee7 100755
--- a/integration/undertow/pom.xml
+++ b/integration/undertow/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/integration/wildfly-adapter/pom.xml b/integration/wildfly-adapter/pom.xml
index ad39fd57d0..2d9a63e041 100755
--- a/integration/wildfly-adapter/pom.xml
+++ b/integration/wildfly-adapter/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/integration/wildfly-subsystem/pom.xml b/integration/wildfly-subsystem/pom.xml
index 671e9de2b4..5311ee280e 100755
--- a/integration/wildfly-subsystem/pom.xml
+++ b/integration/wildfly-subsystem/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.keycloak</groupId>
         <artifactId>keycloak-parent</artifactId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 
diff --git a/model/api/pom.xml b/model/api/pom.xml
index 446148fe20..f72d856fea 100755
--- a/model/api/pom.xml
+++ b/model/api/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/model/invalidation-cache/model-adapters/pom.xml b/model/invalidation-cache/model-adapters/pom.xml
index 3eecff0440..8882850c3f 100755
--- a/model/invalidation-cache/model-adapters/pom.xml
+++ b/model/invalidation-cache/model-adapters/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/model/invalidation-cache/pom.xml b/model/invalidation-cache/pom.xml
index e17fbc6f7f..d4f0490e76 100755
--- a/model/invalidation-cache/pom.xml
+++ b/model/invalidation-cache/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <name>Model Parent</name>
diff --git a/model/jpa/pom.xml b/model/jpa/pom.xml
index 4c7e26999e..987abd23b1 100755
--- a/model/jpa/pom.xml
+++ b/model/jpa/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/model/mongo/pom.xml b/model/mongo/pom.xml
index eda284ffdc..31d513d5f4 100755
--- a/model/mongo/pom.xml
+++ b/model/mongo/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/model/pom.xml b/model/pom.xml
index 2d972fe246..850a21f322 100755
--- a/model/pom.xml
+++ b/model/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <name>Model Parent</name>
diff --git a/model/tests/pom.xml b/model/tests/pom.xml
index bfd267810b..3149597f65 100755
--- a/model/tests/pom.xml
+++ b/model/tests/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/picketlink/keycloak-picketlink-api/pom.xml b/picketlink/keycloak-picketlink-api/pom.xml
index 6c0d132b1c..b954af7e75 100755
--- a/picketlink/keycloak-picketlink-api/pom.xml
+++ b/picketlink/keycloak-picketlink-api/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>keycloak-picketlink-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/picketlink/keycloak-picketlink-realm/pom.xml b/picketlink/keycloak-picketlink-realm/pom.xml
index 8c345a3026..d95eaaabc5 100755
--- a/picketlink/keycloak-picketlink-realm/pom.xml
+++ b/picketlink/keycloak-picketlink-realm/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>keycloak-picketlink-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/picketlink/pom.xml b/picketlink/pom.xml
index 078aee33e6..dc07ca55a2 100755
--- a/picketlink/pom.xml
+++ b/picketlink/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/pom.xml b/pom.xml
index 6279df5e46..cd19d1607b 100755
--- a/pom.xml
+++ b/pom.xml
@@ -8,7 +8,7 @@
     </description>
     <groupId>org.keycloak</groupId>
     <artifactId>keycloak-parent</artifactId>
-    <version>1.0-beta-3-SNAPSHOT</version>
+    <version>1.0-beta-4-SNAPSHOT</version>
     <packaging>pom</packaging>
 
     <properties>
diff --git a/project-integrations/aerogear-ups/app/pom.xml b/project-integrations/aerogear-ups/app/pom.xml
index 2b7b3a186e..2bf361c5b9 100755
--- a/project-integrations/aerogear-ups/app/pom.xml
+++ b/project-integrations/aerogear-ups/app/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
 
diff --git a/project-integrations/aerogear-ups/auth-server/pom.xml b/project-integrations/aerogear-ups/auth-server/pom.xml
index 07ec63136e..c32789cc08 100755
--- a/project-integrations/aerogear-ups/auth-server/pom.xml
+++ b/project-integrations/aerogear-ups/auth-server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../../pom.xml</relativePath>
     </parent>
 
diff --git a/project-integrations/aerogear-ups/pom.xml b/project-integrations/aerogear-ups/pom.xml
index 524e3eb285..873117f4ef 100755
--- a/project-integrations/aerogear-ups/pom.xml
+++ b/project-integrations/aerogear-ups/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <name>Aerogear UPS Parent</name>
diff --git a/project-integrations/pom.xml b/project-integrations/pom.xml
index e0b1adeeb3..840b5c1116 100755
--- a/project-integrations/pom.xml
+++ b/project-integrations/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <name>Third-party Integration Parent</name>
diff --git a/server/pom.xml b/server/pom.xml
index ac9c0ff762..2d8e61d684 100755
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
diff --git a/services/pom.xml b/services/pom.xml
index 4fad80a0ab..0f82346b16 100755
--- a/services/pom.xml
+++ b/services/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/social/core/pom.xml b/social/core/pom.xml
index c51947c58c..86eb1c846b 100755
--- a/social/core/pom.xml
+++ b/social/core/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-social-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/social/facebook/pom.xml b/social/facebook/pom.xml
index db0172ddc6..6efd73546f 100755
--- a/social/facebook/pom.xml
+++ b/social/facebook/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-social-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/social/github/pom.xml b/social/github/pom.xml
index f5ca89c563..91bd6ae735 100755
--- a/social/github/pom.xml
+++ b/social/github/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-social-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/social/google/pom.xml b/social/google/pom.xml
index 0f4faf4301..e54edc1f38 100755
--- a/social/google/pom.xml
+++ b/social/google/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-social-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/social/pom.xml b/social/pom.xml
index 40cb5fdb00..8576beb080 100755
--- a/social/pom.xml
+++ b/social/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/social/twitter/pom.xml b/social/twitter/pom.xml
index 29e7921a21..6ea5460dbd 100755
--- a/social/twitter/pom.xml
+++ b/social/twitter/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-social-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/integration/pom.xml b/testsuite/integration/pom.xml
index f7be0a8d10..a1d7c50c19 100755
--- a/testsuite/integration/pom.xml
+++ b/testsuite/integration/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/performance/pom.xml b/testsuite/performance/pom.xml
index 1e34a3177f..6dbe26e2ba 100755
--- a/testsuite/performance/pom.xml
+++ b/testsuite/performance/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
diff --git a/testsuite/pom.xml b/testsuite/pom.xml
index b364e1d1ea..766e6119df 100755
--- a/testsuite/pom.xml
+++ b/testsuite/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<artifactId>keycloak-parent</artifactId>
 		<groupId>org.keycloak</groupId>
-		<version>1.0-beta-3-SNAPSHOT</version>
+		<version>1.0-beta-4-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/timer/api/pom.xml b/timer/api/pom.xml
index f13cc033e2..51f78dc498 100755
--- a/timer/api/pom.xml
+++ b/timer/api/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-timer-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
diff --git a/timer/basic/pom.xml b/timer/basic/pom.xml
index 897925382d..72b203c8ae 100755
--- a/timer/basic/pom.xml
+++ b/timer/basic/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-timer-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
diff --git a/timer/pom.xml b/timer/pom.xml
index 23d289f934..d78a1a7a6e 100755
--- a/timer/pom.xml
+++ b/timer/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <artifactId>keycloak-parent</artifactId>
         <groupId>org.keycloak</groupId>
-        <version>1.0-beta-3-SNAPSHOT</version>
+        <version>1.0-beta-4-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

From c8321fc96e071f61f9d219be32fd9b7a87210701 Mon Sep 17 00:00:00 2001
From: mposolda <mposolda@gmail.com>
Date: Thu, 19 Jun 2014 11:51:20 +0200
Subject: [PATCH 15/15] Improvement for AD integration to avoid exception when
 mulitple users without email are synced to Keycloak DB

---
 .../picketlink/PicketlinkAuthenticationProvider.java   | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/authentication/authentication-picketlink/src/main/java/org/keycloak/authentication/picketlink/PicketlinkAuthenticationProvider.java b/authentication/authentication-picketlink/src/main/java/org/keycloak/authentication/picketlink/PicketlinkAuthenticationProvider.java
index 615e2c7acf..b2310ede9c 100755
--- a/authentication/authentication-picketlink/src/main/java/org/keycloak/authentication/picketlink/PicketlinkAuthenticationProvider.java
+++ b/authentication/authentication-picketlink/src/main/java/org/keycloak/authentication/picketlink/PicketlinkAuthenticationProvider.java
@@ -51,9 +51,15 @@ public class PicketlinkAuthenticationProvider implements AuthenticationProvider
 
         try {
             User picketlinkUser = BasicModel.getUser(identityManager, username);
-            return picketlinkUser == null ? null : new AuthUser(picketlinkUser.getId(), picketlinkUser.getLoginName(), getName())
+            if (picketlinkUser == null) {
+                return null;
+            }
+
+            String email = (picketlinkUser.getEmail() != null && picketlinkUser.getEmail().trim().length() > 0) ? picketlinkUser.getEmail() : null;
+
+            return new AuthUser(picketlinkUser.getId(), picketlinkUser.getLoginName(), getName())
                     .setName(picketlinkUser.getFirstName(), picketlinkUser.getLastName())
-                    .setEmail(picketlinkUser.getEmail())
+                    .setEmail(email)
                     .setProviderName(getName());
         } catch (IdentityManagementException ie) {
             throw convertIDMException(ie);